nmunch 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. data/.gitignore +5 -0
  2. data/Gemfile +4 -0
  3. data/Gemfile.lock +33 -0
  4. data/LICENSE +22 -0
  5. data/README.md +103 -0
  6. data/Rakefile +44 -0
  7. data/bin/nmunch +75 -0
  8. data/lib/nmunch.rb +60 -0
  9. data/lib/nmunch/dissectors/arp.rb +26 -0
  10. data/lib/nmunch/dissectors/base.rb +46 -0
  11. data/lib/nmunch/dissectors/ip.rb +26 -0
  12. data/lib/nmunch/mac_oui_lookup.rb +40 -0
  13. data/lib/nmunch/node.rb +53 -0
  14. data/lib/nmunch/report.rb +53 -0
  15. data/lib/nmunch/subscribers/base.rb +18 -0
  16. data/lib/nmunch/subscribers/stdout.rb +23 -0
  17. data/lib/nmunch/version.rb +4 -0
  18. data/mac-prefixes.txt +16085 -0
  19. data/nmunch.gemspec +22 -0
  20. data/spec/lib/nmunch/dissectors/arp_spec.rb +24 -0
  21. data/spec/lib/nmunch/dissectors/base_spec.rb +45 -0
  22. data/spec/lib/nmunch/dissectors/ip_spec.rb +25 -0
  23. data/spec/lib/nmunch/mac_oui_lookup_spec.rb +21 -0
  24. data/spec/lib/nmunch/node_spec.rb +54 -0
  25. data/spec/lib/nmunch/report_spec.rb +39 -0
  26. data/spec/lib/nmunch/subscribers/base_spec.rb +12 -0
  27. data/spec/lib/nmunch/subscribers/stdout_spec.rb +26 -0
  28. data/spec/lib/nmunch_spec.rb +9 -0
  29. data/spec/spec_helper.rb +43 -0
  30. metadata +166 -0
data/nmunch.gemspec ADDED
@@ -0,0 +1,22 @@
1
+ # -*- encoding: utf-8 -*-
2
+ require File.expand_path('../lib/nmunch/version', __FILE__)
3
+
4
+ Gem::Specification.new do |gem|
5
+ gem.authors = ["Michael Henriksen"]
6
+ gem.email = ["michenriksen87@gmail.com"]
7
+ gem.description = %q{Nmunch is a passive network discovery tool that finds live network nodes by analyzing ARP and broadcast packets.}
8
+ gem.summary = %q{OM NOM NOM NOM}
9
+ gem.homepage = "https://github.com/michenriksen/nmunch"
10
+
11
+ gem.files = `git ls-files`.split($\)
12
+ gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
13
+ gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
14
+ gem.name = "nmunch"
15
+ gem.require_paths = ["lib"]
16
+ gem.version = Nmunch::VERSION
17
+ gem.add_development_dependency('rspec')
18
+ gem.add_development_dependency('rake', '>= 0.9.2')
19
+ gem.add_dependency('methadone', '~> 1.2.3')
20
+ gem.add_dependency('pcap', '~> 0.7.7')
21
+ gem.add_dependency('paint')
22
+ end
data/spec/lib/nmunch/dissectors/arp_spec.rb ADDED
@@ -0,0 +1,24 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Dissectors::Arp do
4
+ let(:arp_pcap_packet) do
5
+ packet = stub(Pcap::Packet)
6
+ packet.stub(:raw_data).and_return(ARP_PACKET_DATA)
7
+ packet.stub(:ip?).and_return(false)
8
+ packet
9
+ end
10
+
11
+ subject { Nmunch::Dissectors::Arp.new(arp_pcap_packet) }
12
+
13
+ describe '#ip_address' do
14
+ it 'returns correct IP address' do
15
+ subject.ip_address.should == '192.168.0.125'
16
+ end
17
+ end
18
+
19
+ describe '#mac_address' do
20
+ it 'returns correct MAC address' do
21
+ subject.mac_address.should == 'de:ad:be:ef:de:ad'
22
+ end
23
+ end
24
+ end
data/spec/lib/nmunch/dissectors/base_spec.rb ADDED
@@ -0,0 +1,45 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Dissectors::Base do
4
+ let(:arp_pcap_packet) do
5
+ packet = stub(Pcap::Packet)
6
+ packet.stub(:raw_data).and_return(ARP_PACKET_DATA)
7
+ packet.stub(:ip?).and_return(false)
8
+ packet
9
+ end
10
+
11
+ let(:ip_pcap_packet) do
12
+ packet = stub(Pcap::Packet)
13
+ packet.stub(:raw_data).and_return(IP_PACKET_DATA)
14
+ packet.stub(:ip?).and_return(true)
15
+ packet
16
+ end
17
+
18
+ subject { Nmunch::Dissectors::Base.new(arp_pcap_packet) }
19
+
20
+ describe '#pcap_packet' do
21
+ it 'returns pcap packet given in initializer' do
22
+ subject.pcap_packet.should == arp_pcap_packet
23
+ end
24
+ end
25
+
26
+ describe '#raw_data' do
27
+ it 'returns an array of bytes represented in HEX' do
28
+ subject.raw_data.should == ARP_PACKET_DATA.unpack('H*').first.scan(/.{2}/)
29
+ end
30
+ end
31
+
32
+ describe '.factory' do
33
+ context 'when given ARP packet' do
34
+ it 'returns an ARP dissector' do
35
+ Nmunch::Dissectors::Base.factory(arp_pcap_packet).should be_a(Nmunch::Dissectors::Arp)
36
+ end
37
+ end
38
+
39
+ context 'when given an IP packet' do
40
+ it 'returns an IP dissector' do
41
+ Nmunch::Dissectors::Base.factory(ip_pcap_packet).should be_a(Nmunch::Dissectors::Ip)
42
+ end
43
+ end
44
+ end
45
+ end
data/spec/lib/nmunch/dissectors/ip_spec.rb ADDED
@@ -0,0 +1,25 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Dissectors::Ip do
4
+ let(:ip_pcap_packet) do
5
+ packet = stub(Pcap::Packet)
6
+ packet.stub(:raw_data).and_return(IP_PACKET_DATA)
7
+ packet.stub(:ip?).and_return(true)
8
+ packet
9
+ end
10
+
11
+ subject { Nmunch::Dissectors::Ip.new(ip_pcap_packet) }
12
+
13
+ describe '#ip_address' do
14
+ it 'returns correct IP address' do
15
+ ip_pcap_packet.should_receive(:ip_src).and_return('192.168.0.125')
16
+ subject.ip_address.should == '192.168.0.125'
17
+ end
18
+ end
19
+
20
+ describe '#mac_address' do
21
+ it 'returns correct MAC address' do
22
+ subject.mac_address.should == 'de:ad:be:ef:de:ad'
23
+ end
24
+ end
25
+ end
data/spec/lib/nmunch/mac_oui_lookup_spec.rb ADDED
@@ -0,0 +1,21 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::MacOuiLookup do
4
+ context 'when given an Apple mac address' do
5
+ it 'returns Apple' do
6
+ Nmunch::MacOuiLookup.instance.lookup('58:b0:35:31:33:73').should == 'Apple'
7
+ end
8
+ end
9
+
10
+ context 'when given a Cisco mac address' do
11
+ it 'returns Cisco Systems' do
12
+ Nmunch::MacOuiLookup.instance.lookup('00:01:63:42:42:42').should == 'Cisco Systems'
13
+ end
14
+ end
15
+
16
+ context 'when given a mac address with an unknown prefix' do
17
+ it 'returns Unknown' do
18
+ Nmunch::MacOuiLookup.instance.lookup('de:ad:be:ef:de:ad').should == 'Unknown'
19
+ end
20
+ end
21
+ end
data/spec/lib/nmunch/node_spec.rb ADDED
@@ -0,0 +1,54 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Node do
4
+ subject { Nmunch::Node.new(ip_address: '192.168.0.1', mac_address: 'de:ad:be:ef:de:ad') }
5
+
6
+ describe '#ip_address' do
7
+ it 'returns correct IP address' do
8
+ subject.ip_address.should == '192.168.0.1'
9
+ end
10
+ end
11
+
12
+ describe '#mac_address' do
13
+ it 'returns correct MAC address' do
14
+ subject.mac_address.should == 'de:ad:be:ef:de:ad'
15
+ end
16
+ end
17
+
18
+ describe '#meta_address?' do
19
+ context 'when IP is not a meta address' do
20
+ it 'returns false' do
21
+ subject.should_not be_meta_address
22
+ end
23
+ end
24
+
25
+ context 'when IP is a meta address' do
26
+ it 'returns true' do
27
+ subject.stub(:ip_address).and_return('0.0.0.0')
28
+ subject.should be_meta_address
29
+ end
30
+ end
31
+ end
32
+
33
+ describe '.create_from_dissector' do
34
+ let(:dissector) do
35
+ dissector = stub
36
+ dissector.stub(:ip_address).and_return('192.168.0.1')
37
+ dissector.stub(:mac_address).and_return('de:ad:be:ef:de:ad')
38
+ dissector
39
+ end
40
+ subject { Nmunch::Node.create_from_dissector(dissector) }
41
+
42
+ it 'returns a node' do
43
+ subject.should be_a(Nmunch::Node)
44
+ end
45
+
46
+ it 'has correct IP address' do
47
+ subject.ip_address.should == '192.168.0.1'
48
+ end
49
+
50
+ it 'has correct MAC address' do
51
+ subject.mac_address.should == 'de:ad:be:ef:de:ad'
52
+ end
53
+ end
54
+ end
data/spec/lib/nmunch/report_spec.rb ADDED
@@ -0,0 +1,39 @@
1
+ require 'spec_helper'
2
+
3
+ class TestSubscriber
4
+ def process(node); end
5
+ end
6
+
7
+ describe Nmunch::Report do
8
+ let(:node) { Nmunch::Node.new(ip_address: '192.168.0.1', mac_address: 'de:ad:be:ef:de:ad') }
9
+ let(:options) { {interface: 'en1'} }
10
+ let(:subscriber) { TestSubscriber.new }
11
+ subject { Nmunch::Report.new(options) }
12
+
13
+ describe '#publish_node' do
14
+ before(:each) do
15
+ subject.register_subscriber(subscriber)
16
+ end
17
+
18
+ it 'delegates the node to the subscriber' do
19
+ subscriber.should_receive(:process).with(node)
20
+ subject.publish_node(node)
21
+ end
22
+
23
+ context 'when node has a meta address' do
24
+ it 'does not delegate node to subscribers' do
25
+ node.stub(:ip_address).and_return('0.0.0.0')
26
+ subscriber.should_not_receive(:process)
27
+ subject.publish_node(node)
28
+ end
29
+ end
30
+
31
+ context 'when node is already discovered' do
32
+ it 'does not delegate node to subscribers' do
33
+ subject.publish_node(node)
34
+ subscriber.should_not_receive(:process)
35
+ subject.publish_node(node)
36
+ end
37
+ end
38
+ end
39
+ end
data/spec/lib/nmunch/subscribers/base_spec.rb ADDED
@@ -0,0 +1,12 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Subscribers::Base do
4
+ let(:options) { {interface: 'en1'} }
5
+ subject { Nmunch::Subscribers::Base.new(options) }
6
+
7
+ describe '.initialize' do
8
+ it 'assigns options to instance variable' do
9
+ subject.options.should == options
10
+ end
11
+ end
12
+ end
data/spec/lib/nmunch/subscribers/stdout_spec.rb ADDED
@@ -0,0 +1,26 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch::Subscribers::Stdout do
4
+ let(:node) { Nmunch::Node.new(ip_address: '192.168.0.1', mac_address: 'de:ad:be:ef:de:ad') }
5
+ let(:options) { {interface: 'en1'} }
6
+ subject { Nmunch::Subscribers::Stdout.new(options) }
7
+
8
+ describe '#process' do
9
+ it 'prints node details to STDOUT' do
10
+ output = capture_stdout { subject.process(node) }
11
+ output.should include('192.168.0.1')
12
+ output.should include('de:ad:be:ef:de:ad')
13
+ output.should include('Unknown')
14
+ end
15
+
16
+ context 'when --no-prefix-lookup option is set' do
17
+ it 'does not look up mac address prefix' do
18
+ options['no-prefix-lookup'] = true
19
+ output = capture_stdout { subject.process(node) }
20
+ output.should include('192.168.0.1')
21
+ output.should include('de:ad:be:ef:de:ad')
22
+ output.should_not include('Unknown')
23
+ end
24
+ end
25
+ end
26
+ end
data/spec/lib/nmunch_spec.rb ADDED
@@ -0,0 +1,9 @@
1
+ require 'spec_helper'
2
+
3
+ describe Nmunch do
4
+ describe 'PCAP filter expression' do
5
+ it 'allows only ARP and broadcast packets' do
6
+ Nmunch::CAPTURE_FILTER.should == 'arp or broadcast'
7
+ end
8
+ end
9
+ end
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,43 @@
1
+ require 'bundler'
2
+ begin
3
+ Bundler.setup(:default, :development)
4
+ rescue Bundler::BundlerError => e
5
+ $stderr.puts e.message
6
+ $stderr.puts 'Run `bundle install` to install missing gems'
7
+ exit e.status_code
8
+ end
9
+
10
+ require 'pcap'
11
+ require 'ipaddr'
12
+ require 'paint'
13
+ require 'nmunch'
14
+
15
+ RSpec.configure do |config|
16
+ config.filter_run :focus => true
17
+ config.run_all_when_everything_filtered = true
18
+ end
19
+
20
+ def capture_stdout
21
+ original_stdout = $stdout
22
+ $stdout = fake = StringIO.new
23
+ begin
24
+ yield
25
+ ensure
26
+ $stdout = original_stdout
27
+ end
28
+ fake.string
29
+ end
30
+
31
+ ARP_PACKET_DATA = "\xff\xff\xff\xff\xff\xff\xde\xad\xbe\xef\xde\xad\x08\x06\x00\x01" +
32
+ "\x08\x00\x06\x04\x00\x01\xde\xad\xbe\xef\xde\xad\xc0\xa8\x00\x7d" +
33
+ "\x00\x00\x00\x00\x00\x00\xc0\xa8\x00\x42"
34
+
35
+ IP_PACKET_DATA = "\x7b\x22\x68\x6f\x73\x74\xde\xad\xbe\xef\xde\xad\x20\x32\x36\x37" +
36
+ "\x35\x37\x32\x31\x31\x30\x2c\x20\x22\x76\x65\x72\x73\x69\x6f\x6e" +
37
+ "\x22\x3a\x20\x5b\x31\x2c\x20\x38\x5d\x2c\x20\x22\x64\x69\x73\x70" +
38
+ "\x6c\x61\x79\x6e\x61\x6d\x65\x22\x3a\x20\x22\x32\x36\x37\x35\x37" +
39
+ "\x32\x31\x31\x30\x22\x2c\x20\x22\x70\x6f\x72\x74\x22\x3a\x20\x31" +
40
+ "\x37\x35\x30\x30\x2c\x20\x22\x6e\x61\x6d\x65\x73\x70\x61\x63\x65" +
41
+ "\x73\x22\x3a\x20\x5b\x31\x34\x33\x30\x30\x33\x33\x37\x36\x2c\x20" +
42
+ "\x31\x31\x35\x36\x33\x34\x38\x35\x38\x2c\x20\x31\x31\x38\x39\x30" +
43
+ "\x36\x37\x30\x31\x5d\x7d"
metadata ADDED
@@ -0,0 +1,166 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: nmunch
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Michael Henriksen
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2012-12-11 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rspec
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ! '>='
20
+ - !ruby/object:Gem::Version
21
+ version: '0'
22
+ type: :development
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ! '>='
28
+ - !ruby/object:Gem::Version
29
+ version: '0'
30
+ - !ruby/object:Gem::Dependency
31
+ name: rake
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: 0.9.2
38
+ type: :development
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: 0.9.2
46
+ - !ruby/object:Gem::Dependency
47
+ name: methadone
48
+ requirement: !ruby/object:Gem::Requirement
49
+ none: false
50
+ requirements:
51
+ - - ~>
52
+ - !ruby/object:Gem::Version
53
+ version: 1.2.3
54
+ type: :runtime
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: 1.2.3
62
+ - !ruby/object:Gem::Dependency
63
+ name: pcap
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ~>
68
+ - !ruby/object:Gem::Version
69
+ version: 0.7.7
70
+ type: :runtime
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: 0.7.7
78
+ - !ruby/object:Gem::Dependency
79
+ name: paint
80
+ requirement: !ruby/object:Gem::Requirement
81
+ none: false
82
+ requirements:
83
+ - - ! '>='
84
+ - !ruby/object:Gem::Version
85
+ version: '0'
86
+ type: :runtime
87
+ prerelease: false
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
94
+ description: Nmunch is a passive network discovery tool that finds live network nodes
95
+ by analyzing ARP and broadcast packets.
96
+ email:
97
+ - michenriksen87@gmail.com
98
+ executables:
99
+ - nmunch
100
+ extensions: []
101
+ extra_rdoc_files: []
102
+ files:
103
+ - .gitignore
104
+ - Gemfile
105
+ - Gemfile.lock
106
+ - LICENSE
107
+ - README.md
108
+ - Rakefile
109
+ - bin/nmunch
110
+ - lib/nmunch.rb
111
+ - lib/nmunch/dissectors/arp.rb
112
+ - lib/nmunch/dissectors/base.rb
113
+ - lib/nmunch/dissectors/ip.rb
114
+ - lib/nmunch/mac_oui_lookup.rb
115
+ - lib/nmunch/node.rb
116
+ - lib/nmunch/report.rb
117
+ - lib/nmunch/subscribers/base.rb
118
+ - lib/nmunch/subscribers/stdout.rb
119
+ - lib/nmunch/version.rb
120
+ - mac-prefixes.txt
121
+ - nmunch.gemspec
122
+ - spec/lib/nmunch/dissectors/arp_spec.rb
123
+ - spec/lib/nmunch/dissectors/base_spec.rb
124
+ - spec/lib/nmunch/dissectors/ip_spec.rb
125
+ - spec/lib/nmunch/mac_oui_lookup_spec.rb
126
+ - spec/lib/nmunch/node_spec.rb
127
+ - spec/lib/nmunch/report_spec.rb
128
+ - spec/lib/nmunch/subscribers/base_spec.rb
129
+ - spec/lib/nmunch/subscribers/stdout_spec.rb
130
+ - spec/lib/nmunch_spec.rb
131
+ - spec/spec_helper.rb
132
+ homepage: https://github.com/michenriksen/nmunch
133
+ licenses: []
134
+ post_install_message:
135
+ rdoc_options: []
136
+ require_paths:
137
+ - lib
138
+ required_ruby_version: !ruby/object:Gem::Requirement
139
+ none: false
140
+ requirements:
141
+ - - ! '>='
142
+ - !ruby/object:Gem::Version
143
+ version: '0'
144
+ required_rubygems_version: !ruby/object:Gem::Requirement
145
+ none: false
146
+ requirements:
147
+ - - ! '>='
148
+ - !ruby/object:Gem::Version
149
+ version: '0'
150
+ requirements: []
151
+ rubyforge_project:
152
+ rubygems_version: 1.8.24
153
+ signing_key:
154
+ specification_version: 3
155
+ summary: OM NOM NOM NOM
156
+ test_files:
157
+ - spec/lib/nmunch/dissectors/arp_spec.rb
158
+ - spec/lib/nmunch/dissectors/base_spec.rb
159
+ - spec/lib/nmunch/dissectors/ip_spec.rb
160
+ - spec/lib/nmunch/mac_oui_lookup_spec.rb
161
+ - spec/lib/nmunch/node_spec.rb
162
+ - spec/lib/nmunch/report_spec.rb
163
+ - spec/lib/nmunch/subscribers/base_spec.rb
164
+ - spec/lib/nmunch/subscribers/stdout_spec.rb
165
+ - spec/lib/nmunch_spec.rb
166
+ - spec/spec_helper.rb